SSO: Add example for configuring SSO with LDAP (#1796)

* add example for configuring SSO with LDAP * terraform fmt * generate docs
grafana · Sep 9, 2024 · 78c55ad · 78c55ad
1 parent 680d387
commit 78c55ad
Show file tree

Hide file tree

Showing 2 changed files with 84 additions and 0 deletions.
diff --git a/docs/resources/sso_settings.md b/docs/resources/sso_settings.md
@@ -65,6 +65,48 @@ resource "grafana_sso_settings" "saml_sso_settings" {
     name_id_format            = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
   }
 }
+
+# Configure SSO using LDAP
+resource "grafana_sso_settings" "ldap_sso_settings" {
+  provider_name = "ldap"
+
+  ldap_settings {
+    enabled = "true"
+    config {
+      servers {
+        host          = "127.0.0.1"
+        port          = 389
+        search_filter = "(cn=%s)"
+        bind_dn       = "cn=admin,dc=grafana,dc=org"
+        bind_password = "grafana"
+        search_base_dns = [
+          "dc=grafana,dc=org",
+        ]
+        attributes = {
+          name      = "givenName"
+          surname   = "sn"
+          username  = "cn"
+          member_of = "memberOf"
+          email     = "email"
+        }
+        group_mappings {
+          group_dn      = "cn=superadmins,dc=grafana,dc=org"
+          org_role      = "Admin"
+          org_id        = 1
+          grafana_admin = true
+        }
+        group_mappings {
+          group_dn = "cn=users,dc=grafana,dc=org"
+          org_role = "Editor"
+        }
+        group_mappings {
+          group_dn = "*"
+          org_role = "Viewer"
+        }
+      }
+    }
+  }
+}
 ```
 
 <!-- schema generated by tfplugindocs -->

diff --git a/examples/resources/grafana_sso_settings/resource.tf b/examples/resources/grafana_sso_settings/resource.tf
@@ -46,3 +46,45 @@ resource "grafana_sso_settings" "saml_sso_settings" {
     name_id_format            = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
   }
 }
+
+# Configure SSO using LDAP
+resource "grafana_sso_settings" "ldap_sso_settings" {
+  provider_name = "ldap"
+
+  ldap_settings {
+    enabled = "true"
+    config {
+      servers {
+        host          = "127.0.0.1"
+        port          = 389
+        search_filter = "(cn=%s)"
+        bind_dn       = "cn=admin,dc=grafana,dc=org"
+        bind_password = "grafana"
+        search_base_dns = [
+          "dc=grafana,dc=org",
+        ]
+        attributes = {
+          name      = "givenName"
+          surname   = "sn"
+          username  = "cn"
+          member_of = "memberOf"
+          email     = "email"
+        }
+        group_mappings {
+          group_dn      = "cn=superadmins,dc=grafana,dc=org"
+          org_role      = "Admin"
+          org_id        = 1
+          grafana_admin = true
+        }
+        group_mappings {
+          group_dn = "cn=users,dc=grafana,dc=org"
+          org_role = "Editor"
+        }
+        group_mappings {
+          group_dn = "*"
+          org_role = "Viewer"
+        }
+      }
+    }
+  }
+}